General
Target
788e06e0c5d05c250112554074123eaa_JaffaCakes118
Size
174KB
Sample
240527-kl5wfaea5s
MD5
788e06e0c5d05c250112554074123eaa
SHA1
5b779f5258655939297db9225ea39f796e397d89
SHA256
e1834f24a6c23a1cd598e6f883113eb6660f856df27c87c4db32b6ac587eb078
SHA512
538a32bb5994fb3dcc049dc28d11f430bfd1e4f9630af58693a3dfeae960fde8ea4ce39cc1aa58253dbd308dbe0d0e99cbc1e009702ed4b2f1bc225430e6670b
SSDEEP
3072:a6WnIAhRMlCgB2mXJmNZJuZckPBDQPi7:kbMlDwMhPBb
Behavioral task
behavioral1
Sample
788e06e0c5d05c250112554074123eaa_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
788e06e0c5d05c250112554074123eaa_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request